Mr. Moyer advises clients in a variety of industries on a multitude of privacy and cybersecurity issues, including consumer privacy, financial privacy, healthcare privacy, and comprehensive data protection. Mr. Moyer has actively assisted with providing CCPA compliance advice to clients, including analyzing proposed regulations, drafting and updating privacy policies, developing internal processes, negotiating contractual arrangements, and preparing guidelines on responding to consumer rights requests. He has also frequently worked to assist U.S. and multinational companies understand their obligations under the EU’s GDPR and craft compliant contractual arrangements, internal processes, and cross-border data transfer mechanisms.
Mr. Moyer has counseled diverse clients on their compliance with broad privacy and consumer protection frameworks, including the FTC’s Section 5 authority, and more narrowly tailored statutes, such as COPPA, U.S. marketing laws (including CAN-SPAM and TCPA), and state biometric data laws. He has also worked closely with companies subject to industry-specific regulatory regimes, such as those in the financial and healthcare space. Mr. Moyer has assisted financial institutions draft GLBA-compliant privacy notices and ensure their data sharing arrangements adhere to the GLBA’s limitations, and provided hands-on guidance to a systemically important financial market utility seeking to bolster its compliance with applicable SEC and CFTC frameworks. He also has analyzed the myriad HIPAA obligations for covered entities, business associates, and health tech companies to account for novel uses and sharing of health information, and drafted appropriate contractual language to ensure HIPAA compliance.
With an understanding of the regulatory and business risks, Mr. Moyer has routinely counseled clients on devising and operationalizing privacy and data security programs, drafting website privacy policies and terms of use, negotiating data sharing agreements, and responding to law enforcement requests. Mr. Moyer has also provided advice regarding incident response strategy and preparedness and, for companies who have fallen victim to a breach, has assisted in investigations and counseled clients through the complex process of notifying customers, affected individuals, and regulators. Throughout his career, Mr. Moyer has performed privacy and data security due diligence and negotiated transaction documents in connection with more than 250 deals for public and private companies and private equity investments.
